Microsoft Security Advisory (2887505) On September 17th, 2013, Microsoft published Security Advisory 2887505, which coverers a remote code execution vulnerability in all supported versions of Microsoft Internet Explorer. The flaw resides in the handling of objects in memory which have been deleted or improperly allocated. Specifically, a use-after-free flaw in the HTML rendering engine (aka Read more...More

Recently we found some new malware samples using AutoIt to hide themselves. On further analysis we found that those sample belong to the Vertexnet botnet. They use multiple layers of obfuscation; once decoded, they connect to a control server to accept commands and transfer stolen data. This sample is packed using a custom packer. On Read more...More

Last month, I posted a blog about an increase in the use of AutoIt scripts by malware authors to carry out malicious activities. Attackers have used AutoIt scripts for a long time, and they are gaining in popularity due to their flexible and powerful nature. We have now come across another piece of malware (which Read more...More

THE DATA IS FURNISHED, "AS IS" WITHOUT ANY WARRANTY OF ANY KIND, AND MCAFEE® HEREBY DISCLAIM ALL WARRANTIES, EXPRESS, IMPLIED OR STATUTORY INCLUDING, WITHOUT LIMITATION, ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE, AND ANY WARRANTIES AS TO NON-INFRINGEMENT, AND IN NO EVENT SHALL MCAFEE® BE LIABLE FOR COSTS OF PROCURING SUBSTITUTE GOODS. IN NO EVENT WILL MCAFEE® BE LIABLE FOR ANY INDIRECT, SPECIAL, CONSEQUENTIAL, INCIDENTAL, EXEMPLARY, OR OTHER DAMAGES WHETHER OR NOT MCAFEE® HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH LOSS OR DAMAGE.